The Cloud Operators and Their Security Concerns

As a data operator of a Cloud service you will have many security concerns. Any new technology comes with a host of new threats to your business model; in particular, the business of maintaining privacy in the digital world has become difficult. According to the CSA publication The Treacherous 12, there are over 12 security threats to consider. Their article focuses on the 12 most pressing issues they have chosen, several of which are of particular concern. According to Wikipedia, the CSA puts insecure interfaces and APIs at almost a third of the ‘cloud security outages’, and data loss and leakage make up to a quarter, with hardware failure being the third most troublesome issue.

Without going into great technical detail, there are a variety of ways that an insecure API can result in the loss or release of sensitive data. To simplify, the situation is about access: a multitude of individuals now have controlled access. Every door, though, provides a weakness that walls do not have. Your API is a door into the server room, and a host of people all have their own doors. While most people only have access to their own portion of the server, the server can have unknown bugs that give access to other parts of the room. In addition, a Cloud customer may often give third parties access to use the data on the Cloud.
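The kind of bug described above, as an added example that is not part of the original article: an API handler that checks who is calling but not whose data is requested, beside a version scoped to the caller's tenant, plus a check a provider could run to list every cross-tenant read. All tenant names, tokens and records are constructed for illustration.

```python
# Added illustration: a shared (multi-tenant) record store behind an API.
# Tenants, tokens and records below are constructed sample data.
from dataclasses import dataclass

@dataclass(frozen=True)
class Record:
    owner: str   # tenant that owns the record
    body: str

STORE = {
    "r1": Record("tenant-a", "tenant-a invoice"),
    "r2": Record("tenant-b", "tenant-b payroll"),
}
# API token -> tenant; "tok-partner" is a third party delegated by tenant-a.
TOKENS = {"tok-a": "tenant-a", "tok-b": "tenant-b", "tok-partner": "tenant-a"}

class AccessDenied(Exception):
    """Raised for unknown callers and for records outside the caller's tenant."""

def authenticate(token):
    if token not in TOKENS:
        raise AccessDenied("unknown token")
    return TOKENS[token]

def get_record_flawed(token, record_id):
    """Verifies the caller is a customer, never that the record is theirs."""
    authenticate(token)
    return STORE[record_id].body

def get_record_scoped(token, record_id):
    tenant = authenticate(token)
    record = STORE.get(record_id)
    # Same error for "missing" and "not yours", so record ids cannot be probed.
    if record is None or record.owner != tenant:
        raise AccessDenied("no such record for this tenant")
    return record.body

def audit_isolation(handler):
    """Return every (token, record_id) pair where handler crosses tenants."""
    leaks = []
    for token, tenant in TOKENS.items():
        for rid, rec in STORE.items():
            if rec.owner != tenant:
                try:
                    handler(token, rid)
                    leaks.append((token, rid))
                except AccessDenied:
                    pass
    return leaks
```

Running `audit_isolation` against both handlers shows that the delegated third-party token inherits exactly the reach of the customer who granted it, which is why the ownership check has to live in the handler itself.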

Data loss can occur in a number of significant ways outside of malicious intentions. It is important to maintain backups in case of disaster. Any kind of disaster that destroys the actual hardware of the Cloud service is a possibility to keep in mind, though a client encrypting their information and forgetting the encryption key is a far more likely concern. It does not rest solely on the Cloud provider to prevent loss of information. While malicious intent does comprise most of the data loss that could have been prevented, it is much more difficult to maintain good practices of protection against an intelligent intruder than against, let's say, the customer forgetting their encryption key.

The mitigation of data leakage involves many types of habits that a good Cloud provider must follow. There are a few types of applications that the Cloud provider can set up to mitigate data leaks from shared networks. It is important to keep in mind that the hardware a client is using could be used by a number of other customers. This creates security vulnerabilities in the system itself that, even without malicious intent, can lead to outsiders having access to the client's data. Any program is going to have bugs; bugs are essentially problems in the code that were not caught during vetting. The amount of code it takes to write a sophisticated program means that there are vulnerabilities that haven't been thought through, or even discovered yet.

Vulnerabilities lie in loose links, and with so many links in the encryption process it becomes difficult to cover all your bases. It isn't impossible; the important thing is to stay ahead of the curve. You want to be more secure than your neighbour to prevent vulnerabilities. But the fact is that the code itself is often hundreds of lines long, and knowing every vulnerability in a chain that large becomes difficult. Luckily, finding cracks in the chain is also difficult for the hacker. But above and beyond the programming errors, which can be solved with frequent patches, are the human vulnerabilities and hardware failure.

Popular cloud computing services: the IaaS (Infrastructure as a Service)

A popular type of Cloud service these days is IaaS. It is a means of keeping costs down in the flexible area of hardware needs. IaaS, or Infrastructure as a Service, is designed around providing a user with the available hardware to host whatever project needs hosting.

The best way to think about this is that you are paying for the use of a network like you would a tax on infrastructure. One day you may have to use the subway, another day the roads, and then some days you have five trucks and a subway car on the infrastructure. Infrastructure as a Service gives you real or virtual hardware that you can upload your information to. Your programs or the users of your webpage go through the infrastructure of the Cloud host. The host gives you storage and memory that scale according to your needs, but you have to build the project from the ground up to make use of the available infrastructure.

Getting down to basics allows the customer, or the company renting the Cloud service, to scale their operations according to their needs. For some the question may be why go through the extra effort of providing your own platform. The scale of your operation when you rent virtual room in the IaaS system is more flexible this way. While PaaS offers more software services to the customer, the open nature of IaaS gives customers more flexibility to create their own services with the rented hardware. The provider has the hardware, whatever particular hardware services they are offering, and the customer rents it to keep costs down. Any large database needs to be kept in a cool, dry environment, and this, amongst other things, drives costs up, especially for a project with variable memory needs.

Many of these services are virtual server space, network connections, bandwidth, IP addresses and load balancers. Like SaaS and PaaS, IaaS is accessed by a client through the internet. The Cloud in general is essentially an application or a web page that accesses the server through the internet and creates available storage for the user. The provider is able to keep their own costs down by letting the customer base make decisions on what type of platform or software to install on their hardware. In turn, everything works seamlessly together. The hardware of an IaaS provider is often stored in many different facilities, allowing them to provide a product of scale. Basically, they can rent out their hardware to other users, and by having a large facility or facilities they are able to keep costs down, savings that are passed on to the customer.

The customer does not have to rent their own facility this way. By not having to maintain their own facility they are able to scale their operation according to peak and low traffic times. For instance, a weight loss website might want to rent from an IaaS or PaaS provider to keep costs down during lulls in business. But after New Year's they might acquire a lot of customers, and keeping enough capacity to provide for them would be a huge expense the rest of the year.

Between IaaS and PaaS providers, the user has to decide what type of operational needs they have. For a developer PaaS might be the way to go, but for a more established company, or a company that has a product in line for their users, an IaaS provider will be able to give them the hardware they might need at a scalable rate, meeting their needs as they arise. Time, money, efficiency and ease of use are important factors in any business, and tuning into the correct providers is the way to go.